https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=37407
--- Comment #9 from Brendan Lawlor <[email protected]> --- The latest patch is pure javascript so until this bug is resolved this can be added to IntranetUserJS as a workaround: $(document).ready(function() { // Handle checkout for fast cataloging // Check the referrer to prevent csrf, fill and submit form if(document.referrer.split('?')[0] === window.location.origin +'/cgi-bin/koha/cataloguing/additem.pl') { let urlParams = new URLSearchParams(window.location.search); let barcode = urlParams.get('barcode'); $('#barcode').val(barcode); $('#mainform').submit(); } }); This code checks that the referrer is the same origin and from the additem page, but it might not be as secure as the token based csrf protection. -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
